Bump the dependencies group with 7 updates

[dependabot]

Bumps the dependencies group with 7 updates:

Package	From	To
@babel/preset-env	7.29.3	7.29.5
react	19.2.5	19.2.6
rollup	4.60.2	4.60.3
react-router	7.14.2	7.15.0
@types/node	24.12.2	24.12.4
react-dom	19.2.5	19.2.6
vite	8.0.10	8.0.12

Updates @babel/preset-env from 7.29.3 to 7.29.5

Release notes

Sourced from @​babel/preset-env's releases.

v7.29.5 (2026-05-05)

🏠 Internal

• babel-preset-env
  • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

• babel-plugin-transform-modules-systemjs
  • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

• Huáng Jùnliàng (@​JLHwung)

Commits

• 3cd910d v7.29.5
• 3d399f8 [7.x backport]docs(preset-env): update CONTRIBUTING.md (#17976)
• See full diff in compare view

Updates react from 19.2.5 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

• Type hardening and performance improvements (#36425 by @​eps1lon and @​unstubbable)

Commits

• eaf3e95 Version 19.2.6
• See full diff in compare view

Updates rollup from 4.60.2 to 4.60.3

Changelog

Sourced from rollup's changelog.

4.60.3

2026-05-04

Bug Fixes

• Ensure nested "exports" variables are not renamed (#6360)

Pull Requests

• #6360: fix: do not rename nested "exports" bindings that do not conflict (@​tariqrafique, @​lukastaegert)
• #6364: chore(deps): update msys2/setup-msys2 digest to e989830 (@​renovate[bot])
• #6365: fix(deps): update minor/patch updates (@​renovate[bot])
• #6366: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #6367: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6368: docs: add missing backticks in plugin-development (@​lumirlumir, @​lukastaegert)

Commits

• b47bdab 4.60.3
• 15c5f33 Add again some unneeded dev dependencies, to make some builds succeed
• 12195dc fix: do not rename nested "exports" bindings that do not conflict (#6360)
• b74aa39 Migrate instructions to AGENTS.md
• aa5a377 fix(deps): update minor/patch updates (#6365)
• 197e68b chore(deps): update msys2/setup-msys2 digest to e989830 (#6364)
• cded70a fix(deps): update swc monorepo (major) (#6366)
• bb2b8a5 docs: add missing backticks in plugin-development (#6368)
• 20af1c4 chore(deps): lock file maintenance (#6367)
• See full diff in compare view

Updates react-router from 7.14.2 to 7.15.0

Release notes

Sourced from react-router's releases.

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

Changelog

Sourced from react-router's changelog.

v7.15.0

Minor Changes

• Stabilize unstable_defaultShouldRevalidate as defaultShouldRevalidate on <Link>, <Form>, useLinkClickHandler, useSubmit, fetcher.submit, and setSearchParams (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize the instrumentation APIs. unstable_instrumentations is now instrumentations and unstable_pattern is now pattern (a993f09)

  • The unstable_ServerInstrumentation, unstable_ClientInstrumentation, unstable_InstrumentRequestHandlerFunction, unstable_InstrumentRouterFunction, unstable_InstrumentRouteFunction, and unstable_InstrumentationHandlerResult types have had their unstable_ prefixes removed
  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize unstable_mask as mask on <Link>, useLinkClickHandler, and useNavigate, and rename the corresponding Location.unstable_mask field to Location.mask (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize the unstable_normalizePath option on staticHandler.query and staticHandler.queryRoute as normalizePath (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize future.unstable_passThroughRequests as future.v8_passThroughRequests (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Remove unstable_subResourceIntegrity from the runtime FutureConfig type; the flag is now controlled by the top-level subResourceIntegrity option in react-router.config.ts (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize unstable_url as url on loader, action, and middleware function args (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize unstable_useTransitions as useTransitions on <BrowserRouter>, <HashRouter>, <HistoryRouter>, <MemoryRouter>, <Router>, <RouterProvider>, <HydratedRouter>, and useLinkClickHandler (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

Patch Changes

• Add nonce to <Scripts> <link rel="modulepreload"> elements (if provided) (af5d49b)

• Fix a bug with unstable_defaultShouldRevalidate={false} where parent routes that did not export a shouldRevalidate function could be incorrectly included in the single fetch call for new child route data (#15012)

• Improve server-side route matching performance by pre-computing flattened/cached route branches (#14967) (af5d49b)

  • Performance benchmarks showed roughly a 10-15% improvement in server-side request handling performance

• Mark mask as an optional field in Location for easier mocking in unit tests (#14999)

• Cache flattened/ranked route branches to optimize server-side route matching (#14967)

• Improve route matching performance in Framework/Data Mode (#14971) (af5d49b)

  • Avoiding unnecessary calls to matchRoutes in data router scenarios
    • This includes adding back the optimization that was removed in 7.6.0 (#13562)
    • The issues that prompted the revert have been addressed by using the available router matches but always updating match.route to the latest route in the manifest
  • Leverage pre-computed pre-computing flattened/cached route branches during client side route matching
  • Performance benchmarks showed roughly a 15-30% improvement in server-side request handling performance

Commits

• 97c8de7 Release v7.15.0 (#15018)
• af5d49b Update change files again
• a993f09 Update change files
• 362635b Move chnageset to change file
• e756132 chore: format
• 49295b5 Stabilize APIs (#14999)
• 5f61543 Client-side route matching optimizations (#14971)
• 67518cb Remove unnecessary hasShouldRevalidate condition for opting out (#15012)
• 6f18edd Add nonce to scripts modulepreload (#15002)
• 10a9686 Migrate changeset to change file
• Additional commits viewable in compare view

Updates @types/node from 24.12.2 to 24.12.4

Commits

• See full diff in compare view

Updates react-dom from 19.2.5 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

• Type hardening and performance improvements (#36425 by @​eps1lon and @​unstubbable)

Commits

• eaf3e95 Version 19.2.6
• See full diff in compare view

Updates vite from 8.0.10 to 8.0.12

Release notes

Sourced from vite's releases.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.12 (2026-05-11)

Features

• update rolldown to 1.0.0 (#22401) (cf0ff41)

Bug Fixes

• deps: update all non-major dependencies (#22420) (2be6000)
• module-runner: prevent partial-exports race on concurrent imports of in-flight invalidated re-export chains (#22369) (f5a22e6)
• refer to rolldownOptions instead of deprecated rollupOptions in messages (#22400) (b675c7b)
• worker: apply build.target to worker bundle (#22404) (3c93fde)
• worker: forward define to worker bundle transform (#22408) (d4838a0)

Miscellaneous Chores

• deps: update dependency eslint-plugin-n to v18 (#22423) (2fe7bd2)
• deps: update rolldown-related dependencies (#22421) (66b9eb3)

8.0.11 (2026-05-07)

Features

• update rolldown to 1.0.0-rc.18 (#22360) (3f80524)

Bug Fixes

• deps: update all non-major dependencies (#22334) (672c962)
• deps: update all non-major dependencies (#22382) (5c0cfcb)
• glob: align hmr matcher options with glob enumeration (#22306) (30028f9)
• make separate object instance for each environment (#22276) (7c2aa3b)

Documentation

• create-vite: list react-compiler templates in README (#22347) (7c3a61f)
• explain mergeConfig skips null/undefined (#22325) (2151f70)
• mention native config loader in CLI options (#22348) (0420c5d)
• update evan's x handle (640202a)

Miscellaneous Chores

• deps: update dependency tsdown to ^0.21.10 (#22333) (3b51e05)
• deps: update rolldown-related dependencies (#22383) (555ff36)
• deps: update transitive packages to fix npm audit alerts (#22316) (86aee62)

Code Refactoring

• devtools integration (#22312) (3c8bf06)
• remove unnecessary async (#22296) (b31fd35)
• show direct path type in bad character warning (#22339) (0c162e9)

Tests

... (truncated)

Commits

• 4dce8b4 release: v8.0.12
• b675c7b fix: refer to rolldownOptions instead of deprecated rollupOptions in mess...
• 66b9eb3 chore(deps): update rolldown-related dependencies (#22421)
• 2fe7bd2 chore(deps): update dependency eslint-plugin-n to v18 (#22423)
• 2be6000 fix(deps): update all non-major dependencies (#22420)
• d4838a0 fix(worker): forward define to worker bundle transform (#22408)
• cf0ff41 feat: update rolldown to 1.0.0 (#22401)
• 3c93fde fix(worker): apply build.target to worker bundle (#22404)
• f5a22e6 fix(module-runner): prevent partial-exports race on concurrent imports of in-...
• 66f3194 release: v8.0.11
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions